{"id":1289,"date":"2009-05-11T00:00:00","date_gmt":"2009-05-11T00:00:00","guid":{"rendered":"http:\/\/otava.test\/surviving-a-sas-70-audit\/"},"modified":"2025-10-14T09:58:07","modified_gmt":"2025-10-14T09:58:07","slug":"surviving-a-sas-70-audit","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/","title":{"rendered":"Surviving a SAS-70 Audit"},"content":{"rendered":"<div style=\"width: 550px; background-color: #1f89c5; color: white; padding: 10px; margin: 20px 0;\">\n<p style=\"color: white; text-align: left; padding: 10px;\"><strong style=\"color: white;\">Update:<\/strong> SAS 70 reports only on controls related to financial reporting. If you need assurance of controls directly related to data centers, including privacy, security and availability, look for a <a style=\"color: white; text-decoration: underline;\" href=\"https:\/\/www.onlinetech.com\/soc-2-hosting-soc-3-hosting\">SOC 2 report<\/a>.<br \/>\nSAS 70 was replaced by SSAE 16 in June 2011.<\/p>\n<\/div>\n<h4><span class=\"ez-toc-section\" id=\"Online_Tech_and_UHY_team_up_for_a_repeat_performance_on_How_to_Survive_a_SAS-70_Audit\"><\/span>Online Tech and UHY team up for a repeat performance on How to Survive a SAS-70 Audit<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<h3><span class=\"ez-toc-section\" id=\"You_Dont_Need_to_Fight_the_SAS-70_Audit\"><\/span>You Don&#8217;t Need to Fight the SAS-70 Audit<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Online Tech &amp; UHY have partnered for a <a title=\"SAS-70 Data Center Seminar\" href=\"https:\/\/onlinetech.com\/resources\/events\/\">seminar for CIOs and IT Directors<\/a> of publicly held companies or firms servicing publicly held companies on how to survive a SAS-70 Audit.<\/p>\n<p>SAS-70 is a nationally recognized audit standard for evaluating process and security control procedures across the data center. A SAS-70 audit is done by a CPA firm and a data security expert with experience in data center and network security.<\/p>\n<p>Certain types of data, by regulation, require a SAS-70 audit. Specifically, Sarbanes-Oxley calls for testing of internal IT controls that relate to financial reporting, even for outsourced IT functions. HIPAA also has specific data handling controls that can be confirmed with a SAS-70 audit report. PCI and CISP compliance can be more easily accomplished by starting with a SAS-70 audit.<\/p>\n<p>Online Tech has successfully thrived through a number of SAS-70 audits. They recently completed an audit on all their data centers and have assisted a number of colocation and dedicated server clients survive their own SAS-70 audits. It\u2019s these experiences from both the auditee and the service provider\u2019s perspective that has helped identify the five key elements for not only surviving a SAS-70 audit, but thriving as a result of the audit.<\/p>\n<p>Join Yan Ness, Chief Executive Officer of Online Tech and Angela McBride, Principal, UHY, LLP in sharing with you the &#8220;auditee&#8221; and the &#8220;auditor&#8221; view of the SAS-70 audit process and tips for successfully surviving the audit.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Update: SAS 70 reports only on controls related to financial reporting. If you need assurance of controls directly related to data centers, including privacy, security and availability, look for a SOC 2 report. SAS 70 was replaced by SSAE 16 in June 2011. Online Tech and UHY team up for a repeat performance on How to Survive a SAS-70 Audit You Don&#8217;t Need to Fight the SAS-70 Audit Online Tech &amp; UHY have partnered for a seminar for CIOs and IT Directors of publicly held companies or firms servicing publicly held companies on how to survive a SAS-70 Audit. SAS-70 is a nationally recognized audit standard for evaluating process and security control procedures across the data center. A SAS-70 audit is done by a CPA firm and a data security expert with experience in data center and network security. Certain types of data, by regulation, require a SAS-70 audit. Specifically, Sarbanes-Oxley calls for testing of internal IT controls that relate to financial reporting, even for outsourced IT functions. HIPAA also has specific data handling controls that can be confirmed with a SAS-70 audit report. PCI and CISP compliance can be more easily accomplished by starting with a SAS-70 audit. Online&#8230;<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-1289","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Surviving a SAS-70 Audit | OTAVA<\/title>\n<meta name=\"description\" content=\"Find out what it takes to survive a SAS 70 audit and ensure compliance with data security standards.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Surviving a SAS-70 Audit\" \/>\n<meta property=\"og:description\" content=\"Find out what it takes to survive a SAS 70 audit and ensure compliance with data security standards.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2009-05-11T00:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-10-14T09:58:07+00:00\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"Surviving a SAS-70 Audit\",\"datePublished\":\"2009-05-11T00:00:00+00:00\",\"dateModified\":\"2025-10-14T09:58:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/\"},\"wordCount\":310,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/\",\"url\":\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/\",\"name\":\"Surviving a SAS-70 Audit | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"datePublished\":\"2009-05-11T00:00:00+00:00\",\"dateModified\":\"2025-10-14T09:58:07+00:00\",\"description\":\"Find out what it takes to survive a SAS 70 audit and ensure compliance with data security standards.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Surviving a SAS-70 Audit\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Surviving a SAS-70 Audit | OTAVA","description":"Find out what it takes to survive a SAS 70 audit and ensure compliance with data security standards.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/","og_locale":"en_US","og_type":"article","og_title":"Surviving a SAS-70 Audit","og_description":"Find out what it takes to survive a SAS 70 audit and ensure compliance with data security standards.","og_url":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/","og_site_name":"OTAVA","article_published_time":"2009-05-11T00:00:00+00:00","article_modified_time":"2025-10-14T09:58:07+00:00","author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"Surviving a SAS-70 Audit","datePublished":"2009-05-11T00:00:00+00:00","dateModified":"2025-10-14T09:58:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/"},"wordCount":310,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/","url":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/","name":"Surviving a SAS-70 Audit | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"datePublished":"2009-05-11T00:00:00+00:00","dateModified":"2025-10-14T09:58:07+00:00","description":"Find out what it takes to survive a SAS 70 audit and ensure compliance with data security standards.","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/surviving-a-sas-70-audit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"Surviving a SAS-70 Audit"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1289","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=1289"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1289\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=1289"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=1289"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=1289"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=1289"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}